Thursday, June 27, 2013

Manipulasi wp-config untuk Keamanan WordPress

. Thursday, June 27, 2013

Oke brother semua, WordPress kian hari kian banyak aja bugnya kayaknya sih. Sekarang saya akan share bagaimana kita manipulasi wp-config atau bisa disebut juga dengan menyembunyikan wp-config, terdengar konyol kan? Ngakak

Tapi saya disini hanya sekedar share saja lah lumayan buat di coba kan? Maho

Langsung TKP ya brow :

1. Buat Folder bernama misalkan homo .

2. Jika sudah copykan wp-config kalian ke folder homo kemudian rename menjadi gay.php

3. Kemudian buka dulu di address , saya disini mengetes di localhost, jadi :
Code:
http://localhost/wordpress/homo/gay.php

4. Kemudian liat disana muncul error , seperti ini :
Code:
Warning: require_once(C:\xampp\htdocs\wordpress\homo/wp-settings.php) [function.require-once]: failed to open stream: No such file or directory in C:\xampp\htdocs\wordpress\homo\gay.php on line 90

Fatal error: require_once() [function.require]: Failed opening required 'C:\xampp\htdocs\wordpress\homo/wp-settings.php' (include_path='.;\xampp\php\PEAR') in C:\xampp\htdocs\wordpress\homo\gay.php on line 90
Lihat Kata ini :
Code:
C:\xampp\htdocs\wordpress\homo\gay.php on line 90
Buka gay.php melalui notepad++ dan lihat di Line 90.
Kalian rubah require_once(ABSPATH . 'wp-settings.php'); menjadi require_once(ABSPATH . '../wp-settings.php');

5. Refresh, dan Lihat terdapat error lagi, layaknya :
Code:
Warning: require(C:\xampp\htdocs\wordpress\homo/wp-includes/load.php) [function.require]: failed to open stream: No such file or directory in C:\xampp\htdocs\wordpress\wp-settings.php on line 21

Fatal error: require() [function.require]: Failed opening required 'C:\xampp\htdocs\wordpress\homo/wp-includes/load.php' (include_path='.;\xampp\php\PEAR') in C:\xampp\htdocs\wordpress\wp-settings.php on line 21

Kalian Copy semua File wp-includes or Copy langsung saja dirnya ke dir homo.

6. Refresh kembali, dan ternyata blank. Semua dir homo kalian atur sendiri untuk mengamankan nya Smile.
Belum selsai .. kalian manipulasi dulu wp-config yang ada di home kalian , layaknya seperti ini saya manipulasi :

Code:
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'si_homo');

/** MySQL database username */
define('DB_USER', 'homo_kao');

/** MySQL database password */
define('DB_PASSWORD', 'gay_dasar_loe');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY',         'c3lVn iu`j#*x_nX9K1N*X)%#Mj;UPZ+@Ty/M/f8 3Y~c{Aa%Yl]uD]&/|H*..i4');
define('SECURE_AUTH_KEY',  'Y define('LOGGED_IN_KEY',    'ccrz>RKwh:n%.X%R32y2rgPY|y)3.Md(J.}p!o}<>sLeJ9oREEG2HSXO]4z5:Ygg');
define('NONCE_KEY',        'g(V<~wN{Tr_A^@K)tr)wkh-Lu~4[lQmY>D=[H#X,1ll!$J~YBsl$Id[Rg&%]');
define('AUTH_SALT',        'yRYaDcOM5m)el$U,6(:/3@~j}%`bQ?fC mwZE1$XM3:PSXv+Tv@{Q;)A6c-DrHl ');
define('SECURE_AUTH_SALT', 'W.*K>:H.1&q<*dW5jNo+~K}+vQqpp&u_tuL!voXXl~gc[.T define('LOGGED_IN_SALT',   '}@mJlO,SO~%T?.~R>!=t_u:T_^0lp4Qy, b_}(D:os>v2uEyhRPxL-D?&TQk21]+');
define('NONCE_SALT',       ';99){buN>>{lslBg-1Pm&r&g?N/O_;R7C0u_EXBtuxYfzBFs38YPSG#S>VU,SL5E');

/**#@-*/

/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/
$table_prefix  = 'drom_';

/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German
* language support.
*/
define('WPLANG', '');

/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*/
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Kemudian Save.

7. Refresh, dan lihat , jika terjadi error seperti ini :
Error establishing a database connection
hmm,, belum terkoneksi. tenang kalian buka File wp-load.php di notepad ++, kemudian lihat :

- Line 26 : ada wp-config.php rubah menjadi homo/gay.php
- Line 29 : ada wp-config.php rubah menjadi homo/gay.php
- Line 31 : ada wp-config.php rubah menjadi homo/gay.php
- Line 34 : ada wp-config.php rubah menjadi homo/gay.php

Kemudian Save , dan lihat hasilnya.
Wew masih error, layaknya :
Code:
Warning: require_once(C:\xampp\htdocs\wordpress/../wp-settings.php) [function.require-once]: failed to open stream: No such file or directory in C:\xampp\htdocs\wordpress\homo\gay.php on line 90

Fatal error: require_once() [function.require]: Failed opening required 'C:\xampp\htdocs\wordpress/../wp-settings.php' (include_path='.;\xampp\php\PEAR') in C:\xampp\htdocs\wordpress\homo\gay.php on line 90

Kalian buka file gay.php kemudian ke Line 90 , rubah require_once(ABSPATH . '../wp-settings.php'); menjadi require_once(ABSPATH . './wp-settings.php');

Kemudian Save, dan Lihat hasilnya.

dan ternyata berhasil normal kembali, dan jika ada yang s#mlink... hmmm pasti dia homo... What

Mungkin tutorial ini berguna jika semua normal, saya tadi di cek di localhost normal, dan belum mencoba di site sendiri, jika ada kesalahan coba post disini dimana kesalahannya. Okay? Mantab

semoga bermanfaat !

0 comments: